Use case: In some cases, when components (e.g. Agents) crash on a Windows machine, it is helpful to activate Dumps. These Dumps can help development analyzing the root cause. To create such dumps in a case of an crash, it is necessary to activate Windows Error Reporting. How to do this is described below. It is valid for all Windows version starting with Windows Server 2008 and Windows Vista with Service Pack 1 (SP1). By default, Windows Error Reporting is disabled on a Windows machine.
Activating Windows Error Reporting:
- In Windows Start Menu, type regedit
- When found, right click on regedit.exe and select "Run as Administrator"
- Go to registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting
- In this key, the following entries must be created:
|DumpFolder||The path where the dump files are to be stored. If you do not use the default path, then make sure that the folder contains ACLs that allow the crashing process to write data to the folder.|
For service crashes, the dump is written to service specific profile folders depending on the service account used. For example, the profile folder for System services is %WINDIR%\System32\Config\SystemProfile. For Network and Local Services, the folder is %WINDIR%\ServiceProfiles.
|REG_EXPAND_SZ||The default is|
Please make sure there is enough disk space
|DumpCount||The maximum number of dump files in the folder. When the maximum value is exceeded, the oldest dump file in the folder will be replaced with the new dump file.||REG_DWORD||Default 10|
|DumpType||Specify one of the following dump types:|
- 0: Custom dump
- 1: Mini dump
- 2: Full dump
|REG_DWORD||For a detailed analysis, please always use 2|
These registry values represent the global settings. You can also provide per-application settings that override the global settings. To create a per-application setting, create a new key for your application under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps (for example, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\MyApplication.exe). Add your dump settings under the MyApplication.exe key. If your application crashes, WER will first read the global settings, and then will override any of the settings with your application-specific settings.
After an application crashes and prior to its termination, the system will check the registry settings to determine whether a local dump is to be collected. After the dump collection has completed, the application will be allowed to terminate normally. If the application supports recovery, the local dump is collected before the recovery callback is called.You can test these settings with the Automic tool UCYBCRSH.EXE. It causes a purposeful program crash in order to test the corresponding impacts. This debugging program is found in ..\tools\nosupp. If you start it without parameters or with the parameter "div", the program crash "divide by zero" (exception number 0000094) is caused by default.
For example: C:\UC4\TOOLS\UCYBCRSH.EXE div
If it is opened using the parameter "acc" the error "access violation" is caused.
For example: C:\UC4\TOOLS\UCYBCRSH.EXE acc
To test the per-application setting, you can copy and rename the exe-file.